Skip to content

Plane-EE: Add webhook consumer service #242

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
akshat5302 wants to merge 6 commits into
base: master
Choose a base branch
from
Open

Plane-EE: Add webhook consumer service #242

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
6 commits
Select commit Hold shift + click to select a range
50876f9
release: Update Plane version to `v2.5.3` in Chart.yaml, README.md, q…
akshat5302 Apr 14, 2026
c979542
Merge branch 'master' of https://github.com/makeplane/helm-charts
akshat5302 Apr 27, 2026
7098d4c
Merge branch 'master' of https://github.com/makeplane/helm-charts
akshat5302 May 19, 2026
1e893f8
Merge branch 'master' of https://github.com/makeplane/helm-charts
akshat5302 May 27, 2026
d7c23b0
feat: add webhook consumer service configuration and deployment
akshat5302 Jun 2, 2026
bf7d317
Merge branch 'master' of https://github.com/makeplane/helm-charts int…
akshat5302 Jun 3, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
22 changes: 22 additions & 0 deletions charts/plane-enterprise/README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -490,6 +490,8 @@ securityContext:
| env.sentry_environment | | | (optional) API service deployment comes with some of the preconfigured integration. Sentry is one among those. Here user can set the Sentry environment name (as configured in Sentry) for this integration. |
| env.api_key_rate_limit | 60/minute | | (optional) User can set the maximum number of requests the API can handle in a given time frame. |
| env.web_url | | | (optional) Custom Web URL for the application. If not set, it will be auto-generated based on the license domain and SSL settings |
| env.webhook_allowed_ips | | | (optional) Comma-separated list of IPs/CIDRs that webhooks are allowed to target. Leave empty to allow all. |
| env.webhook_allowed_hosts | | | (optional) Comma-separated list of hostnames that webhooks are allowed to target. Leave empty to allow all. |
| services.api.assign_cluster_ip | false | | Set it to `true` if you want to assign `ClusterIP` to the service |
| services.api.nodeSelector | {} | | This key allows you to set the node selector for the deployment of `api`. This is useful when you want to run the deployment on specific nodes in your Kubernetes cluster. |
| services.api.tolerations | [] | | This key allows you to set the tolerations for the deployment of `api`. This is useful when you want to run the deployment on nodes with specific taints in your Kubernetes cluster. |
Expand Down Expand Up @@ -724,6 +726,26 @@ Note: When the email service is enabled, the cert-issuer will be automatically c
| env.automation_consumer_envs.exchange_name | "plane.event_stream" | | Exchange name for event stream |
| env.automation_consumer_envs.event_types | "issue" | | Event types to process |

### Webhook Consumer Deployment

| Setting | Default | Required | Description |
| ------------------------------------------------- | :------------: | :------: | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| services.webhook_consumer.enabled | false | | Set to `true` to enable the webhook consumer service deployment |
| services.webhook_consumer.replicas | 1 | | Number of replicas for the webhook consumer service deployment |
| services.webhook_consumer.memoryLimit | 1000Mi | | Memory limit for the webhook consumer service deployment |
| services.webhook_consumer.cpuLimit | 500m | | CPU limit for the webhook consumer service deployment |
| services.webhook_consumer.memoryRequest | 500Mi | | Memory request for the webhook consumer service deployment |
| services.webhook_consumer.cpuRequest | 250m | | CPU request for the webhook consumer service deployment |
| services.webhook_consumer.pullPolicy | Always | | Image pull policy for the webhook consumer service deployment |
| services.webhook_consumer.assign_cluster_ip | false | | Set it to `true` if you want to assign `ClusterIP` to the service |
| services.webhook_consumer.nodeSelector | {} | | This key allows you to set the node selector for the deployment of `webhook_consumer`. This is useful when you want to run the deployment on specific nodes in your Kubernetes cluster. |
| services.webhook_consumer.tolerations | [] | | This key allows you to set the tolerations for the deployment of `webhook_consumer`. This is useful when you want to run the deployment on nodes with specific taints in your Kubernetes cluster. |
| services.webhook_consumer.affinity | {} | | This key allows you to set the affinity rules for the deployment of `webhook_consumer`. This is useful when you want to control how pods are scheduled on nodes in your Kubernetes cluster. |
| services.webhook_consumer.labels | {} | | Custom labels to add to the webhook consumer deployment |
| services.webhook_consumer.annotations | {} | | Custom annotations to add to the webhook consumer deployment |
| env.webhook_consumer_envs.queue_name | "plane.webhook" | | RabbitMQ queue name the webhook consumer reads from |
| env.webhook_consumer_envs.prefetch_count | 10 | | Prefetch count for the webhook consumer |

### Iframely Deployment

| Setting | Default | Required | Description |
Expand Down
48 changes: 48 additions & 0 deletions charts/plane-enterprise/questions.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -493,6 +493,14 @@ questions:
label: "Web URL"
type: string
default: ""
- variable: env.webhook_allowed_ips
label: "Webhook Allowed IPs"
type: string
default: ""
- variable: env.webhook_allowed_hosts
label: "Webhook Allowed Hosts"
type: string
default: ""
- variable: services.worker.replicas
label: "Default Replica Count"
type: int
Expand Down Expand Up @@ -728,6 +736,46 @@ questions:
type: string
default: "issue"

- variable: services.webhook_consumer.enabled
label: "Enable Webhook Consumer"
type: boolean
default: false
group: "Webhook Consumer Setup"
show_subquestion_if: true
subquestions:
- variable: services.webhook_consumer.replicas
label: "Default Replica Count"
type: int
default: 1
- variable: services.webhook_consumer.memoryLimit
label: "Memory Limit"
type: string
default: 1000Mi
- variable: services.webhook_consumer.cpuLimit
label: "CPU Limit"
type: string
default: 500m
- variable: services.webhook_consumer.memoryRequest
label: "Memory Request"
type: string
default: 500Mi
- variable: services.webhook_consumer.cpuRequest
label: "CPU Request"
type: string
default: 250m
- variable: services.webhook_consumer.assign_cluster_ip
label: "Assign Cluster IP"
type: boolean
default: false
- variable: env.webhook_consumer_envs.queue_name
label: "Webhook Queue Name"
type: string
default: "plane.webhook"
- variable: env.webhook_consumer_envs.prefetch_count
label: "Webhook Prefetch Count"
type: int
default: 10

- variable: services.iframely.enabled
label: "Enable Iframely"
type: boolean
Expand Down
3 changes: 3 additions & 0 deletions charts/plane-enterprise/templates/config-secrets/app-env.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -104,3 +104,6 @@ data:
{{- else}}
CORS_ALLOWED_ORIGINS: "http://{{ .Values.license.licenseDomain }},https://{{ .Values.license.licenseDomain }}"
{{- end }}

WEBHOOK_ALLOWED_IPS: {{ .Values.env.webhook_allowed_ips | default "" | quote }}
WEBHOOK_ALLOWED_HOSTS: {{ .Values.env.webhook_allowed_hosts | default "" | quote }}
11 changes: 11 additions & 0 deletions charts/plane-enterprise/templates/config-secrets/webhook-consumer.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,11 @@
{{- if .Values.services.webhook_consumer.enabled }}
apiVersion: v1
kind: ConfigMap
metadata:
namespace: {{ .Release.Namespace }}
name: {{ .Release.Name }}-webhook-consumer-vars
data:
WEBHOOK_QUEUE_NAME: {{ .Values.env.webhook_consumer_envs.queue_name | default "plane.webhook" | quote }}
WEBHOOK_PREFETCH_COUNT: {{ .Values.env.webhook_consumer_envs.prefetch_count | default 10 | quote }}
---
{{- end }}
77 changes: 77 additions & 0 deletions charts/plane-enterprise/templates/workloads/webhook-consumer.deployment.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,77 @@
{{- if .Values.services.webhook_consumer.enabled }}
apiVersion: apps/v1
kind: Deployment
metadata:
namespace: {{ .Release.Namespace }}
name: {{ .Release.Name }}-webhook-consumer-wl
{{- include "plane.labelsAndAnnotations" .Values.services.webhook_consumer }}
spec:
replicas: {{ .Values.services.webhook_consumer.replicas | default 1 }}
selector:
matchLabels:
app.name: {{ .Release.Namespace }}-{{ .Release.Name }}-webhook-consumer
template:
metadata:
namespace: {{ .Release.Namespace }}
labels:
app.name: {{ .Release.Namespace }}-{{ .Release.Name }}-webhook-consumer
annotations:
timestamp: {{ now | quote }}
spec:
{{- include "plane.podScheduling" .Values.services.webhook_consumer }}
containers:
- name: {{ .Release.Name }}-webhook-consumer
imagePullPolicy: {{ .Values.services.api.pullPolicy | default "Always" }}
image: {{ .Values.services.api.image | default "makeplane/backend-commercial" }}:{{ .Values.planeVersion }}
Comment on lines +24 to +25

@coderabbitai coderabbitai Bot Jun 3, 2026

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🟠 Major | ⚡ Quick win

Use the webhook consumer pull policy here.

Line 24 reads services.api.pullPolicy, so the new services.webhook_consumer.pullPolicy setting exposed in values.yaml and documented in README.md is currently ignored. That makes this workload impossible to configure independently and can break clusters that rely on IfNotPresent or Never for just this consumer.

Suggested fix 
-        imagePullPolicy:  {{ .Values.services.api.pullPolicy | default "Always" }}
+        imagePullPolicy:  {{ .Values.services.webhook_consumer.pullPolicy | default "Always" }}
         image: {{ .Values.services.api.image | default "makeplane/backend-commercial" }}:{{ .Values.planeVersion }}
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
imagePullPolicy: {{ .Values.services.api.pullPolicy | default "Always" }}
image: {{ .Values.services.api.image | default "makeplane/backend-commercial" }}:{{ .Values.planeVersion }}
imagePullPolicy: {{ .Values.services.webhook_consumer.pullPolicy | default "Always" }}
image: {{ .Values.services.api.image | default "makeplane/backend-commercial" }}:{{ .Values.planeVersion }}
🤖 Prompt for AI Agents 
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@charts/plane-enterprise/templates/workloads/webhook-consumer.deployment.yaml`
around lines 24 - 25, The webhook-consumer deployment uses
.Values.services.api.pullPolicy for imagePullPolicy, ignoring the new
per-consumer setting; update the imagePullPolicy key in
webhook-consumer.deployment.yaml to reference
.Values.services.webhook_consumer.pullPolicy (with the same default fallback
used elsewhere, e.g., default "Always") so the consumer can be configured
independently from services.api.

stdin: true
tty: true
resources:
requests:
memory: {{ .Values.services.webhook_consumer.memoryRequest | default "500Mi" | quote }}
cpu: {{ .Values.services.webhook_consumer.cpuRequest | default "250m" | quote }}
limits:
memory: {{ .Values.services.webhook_consumer.memoryLimit | default "1000Mi" | quote }}
cpu: {{ .Values.services.webhook_consumer.cpuLimit | default "500m" | quote}}
readinessProbe:
exec:
command:
- sh
- -c
- pgrep -f "python" > /dev/null
initialDelaySeconds: 10
failureThreshold: 3
periodSeconds: 30
successThreshold: 1
timeoutSeconds: 5
command:
- ./bin/docker-entrypoint-webhook-consumer.sh
envFrom:
- configMapRef:
name: {{ .Release.Name }}-webhook-consumer-vars
optional: false
- configMapRef:
name: {{ .Release.Name }}-app-vars
optional: false
- secretRef:
name: {{ if not (empty .Values.external_secrets.app_env_existingSecret) }}{{ .Values.external_secrets.app_env_existingSecret }}{{ else }}{{ .Release.Name }}-app-secrets{{ end }}
optional: false
- secretRef:
name: {{ if not (empty .Values.external_secrets.doc_store_existingSecret) }}{{ .Values.external_secrets.doc_store_existingSecret }}{{ else }}{{ .Release.Name }}-doc-store-secrets{{ end }}
optional: false
- secretRef:
name: {{ if not (empty .Values.external_secrets.opensearch_existingSecret) }}{{ .Values.external_secrets.opensearch_existingSecret }}{{ else }}{{ .Release.Name }}-opensearch-secrets{{ end }}
optional: false
{{- if .Values.services.silo.enabled }}
- secretRef:
name: {{ if not (empty .Values.external_secrets.silo_env_existingSecret) }}{{ .Values.external_secrets.silo_env_existingSecret }}{{ else }}{{ .Release.Name }}-silo-secrets{{ end }}
optional: false
{{- end }}
{{- if .Values.extraEnv }}
env:
{{- toYaml .Values.extraEnv | nindent 10 }}
{{- end }}

serviceAccount: {{ .Release.Name }}-srv-account
serviceAccountName: {{ .Release.Name }}-srv-account
---
{{- end }}
24 changes: 24 additions & 0 deletions charts/plane-enterprise/values.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -389,6 +389,21 @@ services:
labels: {}
annotations: {}

webhook_consumer:
enabled: false
replicas: 1
memoryLimit: 1000Mi
cpuLimit: 500m
memoryRequest: 500Mi
cpuRequest: 250m
pullPolicy: Always
assign_cluster_ip: false
nodeSelector: {}
tolerations: []
affinity: {}
labels: {}
annotations: {}

pi:
enabled: false
replicas: 1
Expand Down Expand Up @@ -538,6 +553,11 @@ env:
instance_admin_email: ''
web_url: ''

# Comma-separated list of IPs/CIDRs and hostnames that webhooks are allowed to target.
# Leave empty to allow all (no restriction).
webhook_allowed_ips: ''
webhook_allowed_hosts: ''

live_sentry_dsn: ""
live_sentry_environment: ""
live_sentry_traces_sample_rate: ""
Expand Down Expand Up @@ -581,6 +601,10 @@ env:
exchange_name: "plane.event_stream"
event_types: "issue"

webhook_consumer_envs:
queue_name: "plane.webhook"
prefetch_count: 10

runner_envs:
execution_timeout_ms: "10000"
init_timeout_ms: "5000"
Expand Down